tootik posts are Notes and polls are Mastodon-compatible Questions.
In addition, it supports Page and Article posts.
Different servers, frontends and clients use different HTML tags and attributes or even add extra whitespace when they construct content from the user's raw input, so tootik's HTML to plain text converter is only a 80/20 solution. Most posts look fine and pretty much follow the way a web frontend renders them.
tootik users are Persons.
tootik communities are Groups.
tootik automatically sends an Announce activity to followers of the community when to or cc of a post by a follower mention the community. In addition, tootik forwards the original activity but without wrapping it with an Announce activity like FEP-1b12 says.
tootik's UI treats Group actors differently: /outbox/$group hides replies and sorts threads by last activity.
tootik implements draft-cavage-http-signatures-12 but only partially:
- It ignores query
- It always uses
rsa-sha256, ignoresalgorithmand putsalgorithm="rsa-sha256"in outgoing requests - It validates
Host,Date(seeMaxRequestAge) andDigest - Validation ensures that key size is between 2048 and 8192
- Incoming
POSTrequests must have at leastheaders="(request-target) host date digest" - All other incoming requests must have at least
headers="(request-target) host date" - Outgoing
POSTrequests haveheaders="(request-target) host date content-type digest" - All other outgoing requests have
headers="(request-target) host date"
tootik creates a special user named nobody, which acts as an Application Actor. Its key is used to sign outgoing requests not initiated by a particular user.
This user can be discovered using WebFinger, just like any other user:
https://example.org/.well-known/webfinger?resource=acct:[email protected]
For compatibility with servers that allow discovery of the Application Actor, the domain is an alias of nobody:
https://example.org/.well-known/webfinger?resource=acct:[email protected]
The sharedInbox of other users points to nobody's inbox, to allow wide delivery of posts.
tootik forwards replies (and replies to replies [...], until MaxForwardingDepth) to followers of the user who started the thread.
tootik does not fetch missing posts to complete threads with "ghost replies".
tootik sets the outbox attribute on users, but it always leads to an empty collection.
tootik supports Mastodon's account migration mechanism, but ignores Move activities. Account migration is handled by a periodic job. If a user follows a federated user with the movedTo attribute set and the new account's alsoKnownAs attribute points back to the old account, this job sends follow requests to the new user and cancels old ones.
tootik users can set their alsoKnownAs field (to allow migration to tootik), or set the movedTo attribute and send a Move activity (to allow migration from tootik), through the settings page.
tootik supports Mastodon's follower synchronization mechanism, also known as FEP-8fcf.
tootik attaches the Collection-Synchronization header to outgoing activities if to or cc includes the user's followers collection.
Received Collection-Synchronization headers are saved in the tootik database and a periodic job (see FollowersSyncInterval) synchronizes the collections by sending Undo activities for unknown remote Follows and clearing the accepted flag for unknown local Follows (see FollowAcceptTimeout).